VMware products implement the OpenSSL libraries and toolkits to generate the default certificates that are created during installation process. You can use OpenSSL to create certificate-signing requests (CSRs).

The examples used in this task and the other tasks in the certificate documentation are run from a Windows host machine and assume that the OpenSSL home directory is c:\openssl\bin.

The default OpenSSL installation includes a configuration file, openssl.cnf, located in the \bin directory. You can preconfigure settings in this configuration file, and you can overwrite default values by passing values to the command line. The syntax examples assume the following settings in the OpenSSL configuration file.

The $dir variable is set to the local (.) directory path.

The [ req ] section of the openssl.cnf has a default_keyfile variable set to $dir/rui.key.

The [CA] section references a CA_default section.

The [CA_default] section references a private_key named myroot.key.

Download OpenSSL from http://www.openssl.org.


Navigate to the OpenSSL directory.


Edit the OpenSSL configuration file (openssl.cnf), and enter the details appropriate for your environment.